Super smart social threats running wild

In one week, a very clever piece of social engineering is spotted, it emerges Facebook phishing is rising and thousands of Twitter users are hacked. Just what's going on?

Social network

ANALYSIS A number of developments this week have not only confirmed scams on social sites are massively widespread, they've established the cyber criminals behind them are getting awfully clever.

As almost every security expert under the sun predicted towards the end of last year, social networks are getting cluttered with scammers looking to make an easy buck.

Trojan.FakeAV.LVT takes social engineering to a whole new level by presenting the user with extremely convincing scenarios at each stage of the process.

Those experts may not have banked on such sophistication, however. Today, BitDefender released info on what may be the smartest piece of social engineering seen yet.

Advertisement - Article continues below
Advertisement - Article continues below

It leverages two Web 2.0 services YouTube and Facebook to trick users into downloading malware.

Known as Trojan.FakeAV.LVT, it attempts to trick Facebook users into believing a video about them has been posted on YouTube.

Simple, no? But here's where the cyber criminals get cunning, as they've managed to add comments to supplement the video which appear to be from the target's Facebook buddies.

The video itself even has the target's full name in the title, as spelt on their Facebook profile.

Once the target tries to watch the video, they are prompted to install what is purportedly an updated version' of Flash. Of course, the download contains nothing of the sort it carries fake anti-virus software containing both a malware downloader and botnet capabilities to further the propagation of the threat.

The criminals' guile doesn't stop there. The fake anti-virus can impersonate the look and feel of 16 different legitimate security solutions currently on the market. Once installed the fake AV removes the real product and the victim is infected. Cunning stuff.

Advertisement - Article continues below

"Trojan.FakeAV.LVT takes social engineering to a whole new level by presenting the user with extremely convincing scenarios at each stage of the process," said Catalin Cosoi, head of the BitDefender Online Threats Lab.

"Trojan.FakeAV.LVT is deceptively clever as it is capable of replicating almost any anti-virus or online security software on the market today. To guard against these cunning new threats, BitDefender recommends downloading Flash-related updates through the Adobe website, instead of through a redirect link. If you're unsure whether the video is legitimate, it's best to go directly to YouTube and search for the video's existence."

Facebook phishing frenzy and terrible tweets

Malicious hackers have been filling Facebook with their illicit ideas as well.

Advertisement - Article continues below

There was a significant rise in phishing attacks on Facebook in June, with a 4.07 per cent increase, Kaspersky pointed out this week. Facebook is now the third most phished website.

Twitter, meanwhile, has seen thousands of users compromised, with hackers trying to spread the word about a weight loss supplement. The old Acai Berry diet scam is still doing the rounds, it seems, with typical tweets reading: "Get the beach body you've always wanted, now you can with this weight loss supplement."

Advertisement - Article continues below

Sophos said it was unclear how the accounts had actually been compromised, but nonetheless advised affected users to change their passwords immediately.

Google+ looks set to be yet another playground for hackers too.

"We expect an increase in unsolicited emails exploiting the new Google social network," said Maria Namestnikova, senior spam analyst at Kaspersky Lab.

"They will most likely contain both phishing links and malicious code."

If cyber criminals continue to get ever more convincing in their scams, as in the YouTube fake AV exploit above, a lot of users could be in trouble.

How should users counter these threats? The only real answer at the minute is to have decent levels of security, not just rely on heuristics-based anti-virus products, and to be aware of the kinds of tricks online crooks are capable of. There's little else that can help.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now



What is a Trojan?

14 Aug 2019

Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019
Policy & legislation

Irish Data Protection Commission has questions for Facebook

29 Jan 2019
internet security

Facebook exec calls Cambridge Analytica scandal a "non event"

8 Jan 2020

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
cyber security

If not passwords then what?

8 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020